63cf53e7b4138ed2e047315beb8f9e7ec1f4b41b1ce690a8d06d143eb4ddfe96

Analysis

max time kernel
1800s
max time network
1802s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2023, 19:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

beamng.log
Size

32B
MD5

fe76f78ff440695a0206fe4ed61ad9b7
SHA1

439c49448e32b8138a1af9953b95d8550e11a2e5
SHA256

63cf53e7b4138ed2e047315beb8f9e7ec1f4b41b1ce690a8d06d143eb4ddfe96
SHA512

a3d671d2aa07ea015f4ad3c5c0c3d11158a65b3349170ebc92f68f5fc6beda18e347e5ca32e7fb628502ef53887322c32a0ca5d573810b6133af0b4e7d85d183

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Google\Chrome\Application\debug.log	chrome.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\debug.log	chrome.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133334047876760963"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
4120	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4192	chrome.exe
4192	chrome.exe
6536	chrome.exe
6536	chrome.exe

Suspicious behavior: LoadsDriver 4 IoCs

pid	Process
660	Process not Found
660	Process not Found
660	Process not Found
660	Process not Found

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe
Token: SeShutdownPrivilege	4192	chrome.exe
Token: SeCreatePagefilePrivilege	4192	chrome.exe

Suspicious use of FindShellTrayWindow 52 IoCs

pid	Process
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

pid	Process
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
4192	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe
6536	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4192 wrote to memory of 2460	4192	chrome.exe	91
PID 4192 wrote to memory of 2460	4192	chrome.exe	91
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 2648	4192	chrome.exe	93
PID 4192 wrote to memory of 4784	4192	chrome.exe	95
PID 4192 wrote to memory of 4784	4192	chrome.exe	95
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94
PID 4192 wrote to memory of 376	4192	chrome.exe	94

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\beamng.log
1⤵
- Opens file in notepad (likely ransom note)
PID:4120

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Drops file in Program Files directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa62099758,0x7ffa62099768,0x7ffa62099778
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:2
  2⤵
  PID:2648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2240 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2916 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2908 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:2772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4552 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4872 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4976 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:3192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4568 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:1932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5204 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:1920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5308 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3208 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3192 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3224 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5844 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5984 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6040 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:3092
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6200 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6332 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6500 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:1896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6668 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:1476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6828 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:8
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=7012 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6460 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:2380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=7324 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=7348 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:3484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6472 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7008 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7468 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:3024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7936 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=8244 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:1472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=8408 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8612 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8624 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  - Drops file in Program Files directory
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=8920 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7004 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=9940 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=9792 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=9648 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=9504 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=9120 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=9096 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=9064 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6192 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:6016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=10348 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:6080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=10636 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=10640 --field-trial-handle=1836,i,8843475101971640290,13198311188177174643,131072 /prefetch:1
  2⤵
  PID:5236

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1876

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x2ec 0x4a4
1⤵
PID:4436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:6536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa62099758,0x7ffa62099768,0x7ffa62099778
  2⤵
  PID:6556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:2
  2⤵
  PID:6808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2216 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:6932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2844 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2836 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:6828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4532 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4748 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:2052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4856 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:3228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5152 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5216 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:1720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=988 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1696 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:1716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4984 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5016 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:4564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2260 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2504 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5240 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5668 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4768 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5896 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6352 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=6336 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6368 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:2984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=6360 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=6892 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:2156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6656 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:3048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=7248 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=7260 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=7888 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6724 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=6408 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=6904 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6964 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6988 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:6548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=7012 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6948 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6972 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6916 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:3420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8508 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:2624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8560 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8896 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:8
  2⤵
  PID:5272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5200 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=6100 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=7844 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8760 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8764 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:1256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=8868 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=9024 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=9752 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:1304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=9628 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=8920 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:5140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=9420 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:1
  2⤵
  PID:4352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3024 --field-trial-handle=1900,i,5874396467104879138,451801326165227041,131072 /prefetch:2
  2⤵
  PID:2456

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2156

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
c7230597ca16dd4709272c49a1d63158

SHA1
a3c5030684b7c39e894b50ebd778b5d3e69ba59b

SHA256
59ccf839e88266762a452679d678f50b1e35f81300001f681929ec54d0f8f01e

SHA512
de0c36f5edea397605fcd6dc24c8caefd3b7335ecef417b9ac5db100311218d3b896611a5ed2e68332d612cb3df8f8b443ee0eff7e0d540a052b6427dd44ff6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
c7230597ca16dd4709272c49a1d63158

SHA1
a3c5030684b7c39e894b50ebd778b5d3e69ba59b

SHA256
59ccf839e88266762a452679d678f50b1e35f81300001f681929ec54d0f8f01e

SHA512
de0c36f5edea397605fcd6dc24c8caefd3b7335ecef417b9ac5db100311218d3b896611a5ed2e68332d612cb3df8f8b443ee0eff7e0d540a052b6427dd44ff6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
2e0f8123664cc7f8a9758169601dc8ec

SHA1
2d3efe860e7e15a6a426c1963cda18e89393df8e

SHA256
b0274a39b9f1f478d1d9d358eea7308827785aaafdbd765b3ba65e314e559b8f

SHA512
037adf5dee123bedec3da30a528fd69dc1997691a5c3971c47a8875d0b2da2443d7c30223671297518c62bf97dca3cd8e2053c83f6ed2af58c954fe94369ec7c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
517ec958c41f0ca8caa2de380e4d2df1

SHA1
e41a810890a821a8acd781d501044f5469ae33fb

SHA256
400ac5fff1dd021d31babb2f8b78af5e39c408835f4fc487996ba9c9bb8cbd13

SHA512
0b084f1bf4a531ec2103a1481b660bbe3abcd46fd3506ac0328213ff05624c87511eaff85b1fb838bab125516578d9341bcc5b06f083a6ea73a8784a29ec330d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
9f4ca22d69ef97105aade60a6149b1b9

SHA1
0f9aed3070528f0f14a7f3231af9dcee76118aa5

SHA256
9a448c6c039f7b644608fd82ac32a81cf17a6eab24f0d6d0ad2daefd91353e6c

SHA512
f1e9cbfecf059c59db51d6c04d9778ae36507ff8db3001c184a2cf2bc3d3e30cc36e68f00352a89b1ce874c47073c8a59ca7f01e661d78851227d26aee609c8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

Filesize
16KB

MD5
9be5851ff30ecebbba807ca9f206f692

SHA1
24dd1e0d877cb5e50070ad69052a3e1bb6844cc2

SHA256
b3a476e1adb4d77df189a0dd8204119d8df5f0d1ecc1ce28bcb07b1d3e73408a

SHA512
fda1ec6ffb9ca5125b280dcbf24c3dbfbeae3e496e68fe4a3c2f8d19f103454f15f2e7b9b163ab0096e46851008e7df27f8c0be2dc8037991b49ffe378d4df43

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1dee42051f2c1dcd98cb83758fe7795e

SHA1
1c42690d9fb9a58cfab83bc3014f1ba4aa2ddf8f

SHA256
e6532eeef793a69673bd8b9a9e693f26668c372978cf15a9b9206f69e2df8082

SHA512
850e038ec3f43bb23cc33615862625425ca330a0e6a5b6f5b4f1543fecc50f67965b23480df6175d6ed4c81d1b7f6f62179fffceb4f0c2bc0339757c0796c359

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
2f25115d4ad80c26c7aea0c445fa8274

SHA1
2fd253b2610d12bf0aa110c932fe43717769f5a5

SHA256
8e39ed739721ac1c45c82bf12c0be62a892cc95bd94fd25e262087704b895385

SHA512
0f6cc0acb8925d634ec984234872e44a2cc85524caf0b58874cd6a18b27632eb18f44a008b6abf53ff742223569ab367e93bc947ca876ef7c22a0552ced18e50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
cf59cbf141e5d9e607e07be8090b2d06

SHA1
bef478381d5c3adcad517dc8374e047b164116bb

SHA256
e1021f6e159481b6a5bd70118673f7de0e6a57a813d6328cec24a46a23620abc

SHA512
d5bb191673780fd5eb9268f33b71fbeda8199a2777aed623836beb8bccf0b504504e7e63aa05f5687f4fb894cc82379eaf1a2a7a51b8c0180a05476ec5ae9d44

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe6592d6.TMP

Filesize
2KB

MD5
8334bdb453d488e4339b14a7fe2b2807

SHA1
8ab00353f2d9313193c6e8ad65bfc4ab40a4ab46

SHA256
01f0fbac2b936d944b67070fb67b3d5246d30d3ca4c1c2189e74d83818d10f53

SHA512
7098d8744551350c8afe7889247ce15baa1b3e1697df8880f5ab12d27680e6dd30cb241e60fb40af4417eaaf2735eff52cfa4cb3a5ff320bdbb213ca8e5e88e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
943e25a3968b1d42b91091b0d2c65875

SHA1
b9dbaffd2d4bedbd12794341a147f198217504bf

SHA256
81e3de7cca3525db996566c5fa814641d6f5247afd9fefa1fb8d909cce2dfefd

SHA512
2f7e798552a2c3abe087d8172b323aac492db6a9e0382815f0e6fbf7b06c3b8880c471a49837e3120967fbe65de1e7f6230b7a3fe63fec2be5b0025170547cc5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
36d318c1f430d0146c3975045b0abf20

SHA1
b1caf8509cc8a9defe5c0fc8d970b8c522664cc3

SHA256
b58c428db19c83283d2578a9c4b88d75de283ef594c99cb98aa3f7fa77c17fac

SHA512
70bd1bafc6b8de911e2687ac20e3a7ca10ce4b75130212bfdbfadb01450f1aa0e192b6b6ce16c17aceca73e6cb4a08f2e34441748158835760d2b387d2c904ed

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_now.gg_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
21KB

MD5
c8a9b38927d4c42512f49b3911f297ff

SHA1
99e170f8ae44ed3149858accf9207ad94a3005f9

SHA256
1575ea151acbf059318876f3b7b5c1385560c74153fc7f249b422254a96d6fef

SHA512
58c12eab0623880585cc6524bc021665f562bf35f82f7fa6fb395186714eb33473acab364b12648c9e229988b9c0feabb7d90b0de67b9d5b34b9e19914f3b8cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
21KB

MD5
50d0211fd4ca722fdda00d511f61083b

SHA1
4e28403050ed3e8d4092fb099b08c0396dc328ba

SHA256
99ea03f62ee2b068978fd50bc95c8ec3d27dacaed45c52b94cedebbd26ddc202

SHA512
38f93133d10beefe763cede2d8fe24b1423026ee97aa6685e1b04234723ac37305df2b923c54ec012ba36234479cb4f4076a94668e7fb3ce8097a13009ba1861

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
e87c5b809480581281ddd53ac257e23e

SHA1
212fcad9ccd86ce1e43e833394d45adaecec9a5a

SHA256
b550668ec07041832602f864f597fd614f19b83ca77bb6d0a3d83d79b824a257

SHA512
333fd91328c7f4fb92abbc0190a8daabfdbc13b31908d8fa7339570b29f4e88d47e4dc8f19fc9af0527ec26b3557e825f50f52147702b652435779d7c3856a38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
12KB

MD5
aa8870a01164d14d33c07e9e4f54af52

SHA1
09e6a300515613d87fe038aa3088901f53abf82c

SHA256
8e577330257fe22d3c94c212a663ef0ad1c00bef4d8af76233a43d5990d81b88

SHA512
84acaf6a6fb37675178c91f88d97cff10f1042f73f3310c81a77c4cf63c92febc09a759c6bdaf34225a5bdd786055b4316a5676c8d44c0c557ee8b00b6b96e38

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
d2ebbddbf9ea89631d68e2e772a8f292

SHA1
55e05e5926f12980da4b027c2d5bad5da92529bc

SHA256
927e804a3964eb196aece6f0dc08d04c228692feb18de6d465167385183a3d1a

SHA512
cd6bed7da0ac484aa74c43f3ec4298d52468f14ceba57b51b1638cd793fcadc0031d25f417da5c2c5757e98955af4b39782806112ff929ad6eeb77e25ac4b595

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
872B

MD5
802beb11fd815636f01af27c2b0eefc9

SHA1
a5f1e254beaf5a8f52399bdba1e171d71aa8cf0a

SHA256
cd7906650207487276ca8cfd52405732c414881e1e9ebfe9d8c16d0c61011aaf

SHA512
d8576d4c9436926060a758485d3026761e7ce9eb691d938fc48597be227b58f792a640bca3a8b358304f59513a218eede73767c86bf37f2eb2ac7ae38753a1a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
31df0b2fa048e3d4b71adc368cc7a286

SHA1
11dab9518e903028916c77519129100c0b56b0ca

SHA256
6cdde4fe20bf4761ba3041c8f949131717e2bcfcdffefc06150dc882bb3b8e21

SHA512
b75d8fd481037bec90570db5d47b7491a18c8e30f39cfa676cf99cf26ebee48bbd2b49ca761d3f2abbc10e1a530eefefa66507315c9630f9b503553f2540e7df

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
cb4c346c2d6b20a157c3592d7441f451

SHA1
5acc951eb2e7f1c92b9a902a33144ed089564b46

SHA256
fbd8b502937cadf45a186495adeccf4114f7ed587a002cc703cba657aa8bc7f0

SHA512
6445f3d4f20c29b76636da3312e08c67815b1e1d2350584fc0de9486687496e920ac626d7f0e015f3ed5ca97dec9611f5158570257b654c4c4a58a6f612a20cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
eb2c7c13b3d0fa3c7ee986660f77b94a

SHA1
b4d9888e5216e72e8f1385be319e90682bbbae0f

SHA256
47340eb9adef31b17f9ee607d8f7dccac3ab1980a9f5cd882a2236a83334ad12

SHA512
a3fa93868874f3aec50c20f340f6ef12778e63259d533a23e80a811c3923de1d718bacdcd721c4756b369b82b9a863acc06caf1dd2aaebdb097ed467a003e77b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
a020c9dc22302edcfa7fe66bfc6b7142

SHA1
7b1b9aceefeea850de66796037759655d4d81dab

SHA256
5d4e63580938d4578bae711a9ffe4a3af672588270cc8a34c6b3ee03d67a1e75

SHA512
683a53410f363bed00444479babd4c742495efb70e761f4d14fe6c68c6fbbe971494128c635f8da86773ba453645850145ff1b16b091864dc9f145f3dd2e580f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
7KB

MD5
a975706f26f66acea5ec8ed8111bbe00

SHA1
56f028e964497aa727592e501d82c1b34ef153d2

SHA256
7bad3bbae6bd67649e9e73d92237fddafef89db1e28d0e78ae81239f61a92c27

SHA512
95e373cc7786dc5ce0ce005fd60fd4e9c2a7ae0ab1d691970beb2d9b790a9f4c5a7ac3343bf3ac454683b32340ded3d09ac97c93d8f367504ff05ee3fa10e912

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
3c2334a9fafe5af42838c7293b922e82

SHA1
07f0c35890aaf68bd241706355b8c7b5e777e687

SHA256
c075db2b4fc277310a62db7984bbf0dbc3999d7736dcafad107e6cc97f048d01

SHA512
938bbed4438351e52af2c6d58f512aa5d5dcd997dfe13ecc479924c04b7da07bbf09d15b1628d19b0285b2000b16d0d684eb32c738126794aec061a542f7049d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
9c6b44c4d0802fd431002048f0a3c60a

SHA1
35da8f53547f65af283b2da27295048d13ed5f44

SHA256
b7ed19daf82487f083157d026494d918a3de5100ff85400c478089e80fde94e3

SHA512
e789ec43f5a5e59c12990dba473f1092e44688e4a1f80f4db749e2c055e22bd8108b346cc80b069da27e681883d9da3bb90ffe57e707081ec78b9c45e38d97e9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b69d8e8e923b21f0bbb9e839657d9f8f

SHA1
de8fed9e764256620ca1df7b464e3b60b8521657

SHA256
5e81d69b701762f5b8aed2b0e606135e452706ca23f961464f0faee4bffedc3e

SHA512
e045b5bbbad764ede338848360c08d93f8aada2759ba3b8eb5557749dc9b5d9b744d9f4f42c1a9ca795ee632a27e8660af47e7673873e51e736d37d5b881e720

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1dbfc3ac5e2d99d7b7e16c8a69dfef77

SHA1
3c03e41930e2967eda2c7b91cfd3234a8f3bc466

SHA256
c85198d0d7c86699d0dbf8b9a57a4c064a46d79211788fb4031cb0a048d29894

SHA512
452dd24d766ff2d2414a389736104d3a24f76a9489150d6e886b894c271a7d5e845067ea39ab7264ed898f7ff87d90ac03aaaae1780fb7dc3fdcc6daacccdd27

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
3e01260056e75d5c6d95bbbc30550054

SHA1
8c9c7d5d55ee8f349d2c52efb23b02d4661aef9d

SHA256
921ec647d824f86e8c50802a52412cc5b80ae992b53717a9d43caf6b33c4c4b9

SHA512
98c25fa59b18d569a04f5cdee151c5ea2790da51451fc5aa55d82ea45b3494af427204330fa2086b575c313fa3e1417c02a5cfe35417a4ce277128ea5e44edee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
01825708d635411bacd7602a423e3c1f

SHA1
de92c67c5194b0ac28eed947aa26fff033a677d3

SHA256
f580e0a336d9427c21f55de7215ca802ba8b96524a21572498b85bd49fc5d78b

SHA512
613446143e8b8c5d6717ac684a1f534f9d893d843745ff76a6bb2139ac5232b817dcdbf51aa78d62a92a27657639446bf990229b33d9ca1d9e6d4fc5b5cb7212

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ea395e41d4492ada3352fee8676a4aa0

SHA1
3c1adcc3a33c2d14b68874a0d7db2926acfe6100

SHA256
2836247fd02fd7d2b88362aee6498fe91f8399750e99f1b137951fc3e8fd675d

SHA512
2535fabc11fa48d7fe31e3b5d076d7ab4974a5653ad2d9e95529bfcfb739ff33b7f0b5c17fd776bbfbf4a13ab82af0ce28760bbab5b64d93dd42e891b5a7603d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
2ee8b49d6c67bb511db59ef3fe895137

SHA1
66954ded68f61fca667b2d55fc3f7f167cd87aec

SHA256
d6e46bac275a9ae57092c96959dd49d2e474c2c2694146b2e4a8b105052938f5

SHA512
eb29ab9106526ea1f692b824bf51283f1cd598a820f5635de90e28db2e7ac8e1c5a911fe1ed246853ccd2c313affc8e1f40065361d0fd70074abdded615d070d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
190dcbe038fb1e53e95e43f7605b0da2

SHA1
88d9f47a7579b55d1011be81874db4921f9cf599

SHA256
f58097aada2f72ff3a32a69732e2c406736efcb1b60fc5b5c2cc8d84400b9aa1

SHA512
76f3b7ddf8b84d962cc61b786e487484a24a31702b274e1b7cd3b0c76a0cb7cf4e4d4220a4b94d0cca8095a1e1f697d405e0adaa81d6fd9ad13d891d8db35789

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
57ae53c270facd636bd2e15e763236a8

SHA1
186ece0e87e1572ae897e66bd0320d940215b3df

SHA256
f8d26620836a187c6e49761d480e1afed0f860959ad704d270b80a4039f61592

SHA512
291163958be57f24ed10f65eb6bbdcc23655dce0e092214a2076a2658c6e5e1325de85e0d9f4f8a209acadcac44510fd793d03b1196947cca86084e2b2138b9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
57ae53c270facd636bd2e15e763236a8

SHA1
186ece0e87e1572ae897e66bd0320d940215b3df

SHA256
f8d26620836a187c6e49761d480e1afed0f860959ad704d270b80a4039f61592

SHA512
291163958be57f24ed10f65eb6bbdcc23655dce0e092214a2076a2658c6e5e1325de85e0d9f4f8a209acadcac44510fd793d03b1196947cca86084e2b2138b9e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\0c3b4484-d02a-4794-b023-c11b29b60dd2\index-dir\the-real-index

Filesize
120B

MD5
e0b4a57c0e56223919ad731bf4c37168

SHA1
1b856fce1cef18062ff7bfa8e174c10f8ac03411

SHA256
e8553ccb1349632dcd50640e3e3183008d10e9267d4b7cf8f708f821ff31f0b4

SHA512
78eb1605ebf5233005b8ad54d12adce464125f6bb280ceb929af783af67e40c3d9261390ccb7f314cd053cdc6d62665a9ca7b876a0a06795254de5ff726d68fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\0c3b4484-d02a-4794-b023-c11b29b60dd2\index-dir\the-real-index~RFe66c4be.TMP

Filesize
72B

MD5
51428c8fb3554fc55f615c68d7175842

SHA1
80d4277403aea2316cfc91e1c4eafd5371acf1a3

SHA256
bb7b6e7ba993662b654d2e2704b14605c9de64b330247fa0b933f28b8ca98b81

SHA512
1e66b2c775e20d874d08dc1bc1cc5177703560eb31b36d1cca910030221472cfde315e870e34c9bf38762cbc9ed2a84bcf7e0b6b7d0c447c7feadb1dcb5520c9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\874f7357-d07b-4833-87a9-d548b41fbeea\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\874f7357-d07b-4833-87a9-d548b41fbeea\index-dir\the-real-index

Filesize
168B

MD5
ed56e5472976115461e48c7668498c48

SHA1
6d08402714bbe5f43293753f502bd078bb859ef8

SHA256
434b76f4a463a8697bfd7323840b2d9268419f52d411d2c2876ad914c5a3d4c9

SHA512
3f29eb31ec10e390dae55be50583a2865187e822a6f522e81823f7da94e0eba068c8d9826ae241e396f86cab729d1e4594692da965a72d920a907f3d0bf583f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\874f7357-d07b-4833-87a9-d548b41fbeea\index-dir\the-real-index~RFe66c48f.TMP

Filesize
48B

MD5
e404cfd8909dca2c6f35094be3dd3eaa

SHA1
9d9b509ad2425adca404a15efd9099cf783413e7

SHA256
7ece4790b951fd020555aeec27e9daf70033c75a6979cd19bdf82ab5fe537612

SHA512
8b18aa88dbc31bff92be3e59e68e207dd5025b079a3d8aaf040f05bcd031f9342abd988b0249254e8f0be6becb52c1bdf52a4d5c82b4172cb555768fd2d91e3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\8a7e96f9-c78c-4c04-8401-80e59abd8a12\6b80c2c146519b54_0

Filesize
67KB

MD5
de9694aa05e6a43b108847389483fb56

SHA1
88378da302e7aac74a8c08fbc7e12f5167b9b70b

SHA256
656fba32acfc998406ccdc51ab35db96989efef4c61e5ea19870f6efb774c52c

SHA512
709c547e6eae8a7b66e8d0ca222b584f4ed1086d75caf26a4e99553256943e7d3d9cecd794e4149e4c9a8bf5588b62fa8338832e091879fb71f8bf56f2575601

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\8a7e96f9-c78c-4c04-8401-80e59abd8a12\index-dir\the-real-index

Filesize
600B

MD5
bf7a5fe5de6d37b42b60eaafbdcf5b31

SHA1
9d9fcc02774cd4f1c9b8b55639110d52214bf962

SHA256
ace894d4b1fb5732760da54a15fb737b1f1d6c02c9f9d14c700ed2ccea644e43

SHA512
a41cce4615d55fc6badd89033b5073bcd63868aa3d2192f2dc80a319cba8144d1b683e97a05655948b15d778a04111517508d5652a8fdaffd755257cf6fbdca6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\8a7e96f9-c78c-4c04-8401-80e59abd8a12\index-dir\the-real-index~RFe66908f.TMP

Filesize
144B

MD5
f3dc03316544a0f2a6cf98ad72a48e36

SHA1
758f5a4681cc3b1c7d52289b7ba814166ba0f0ea

SHA256
23f04df729ab8bcf90547fe3cd894a31d199b4c725540db65eecf60d6792a0e1

SHA512
2059cfb5f3455726c3d1581169e95a2a9ec45e0a270db62a3397efae8ef5f3624206c9adc8f58545ce22575cdbe72ccc5756ec8370f205f28db7dc105fc5c8d6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\997dd6a6-e9f8-4db6-961b-fe154185ae09\index-dir\the-real-index

Filesize
72B

MD5
ee7e18a06e18cae2e75fea93c8d5e81f

SHA1
1cf389fde1f7b0581a5dde258bd9e57530dbbe00

SHA256
9b38666b55610bca4ea44251a7d6d598b2d662da5ba46aa02b1621a0dcc46c5a

SHA512
627cd2720bee086f3571e8def5168034f87c2bc8c1466fb441a137c57feca5ccbf4edfeca9e481ccddcf8d84ef2e8a723f72aaa0ac144b2dddc4d5443119d3e6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\997dd6a6-e9f8-4db6-961b-fe154185ae09\index-dir\the-real-index~RFe6689d8.TMP

Filesize
48B

MD5
32f97cf501a4ef03ac0b2b7ab1c0543a

SHA1
bf5c4b45b87abca3a061516c3991f4acb1e8ccd2

SHA256
57eff5caababfe80ea631dfead3c68cbea7cc9af103fcf430f01953931210182

SHA512
3806657307e750d62188ab7e23fdd514864923b61b20ed6f931ed1c9a0f41d4a58228544a8d0f4376ba3ee559ffbc1a054af2c2b69f5a6ddd0f5e1c90aec2eb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\index.txt

Filesize
180B

MD5
44e99ee6379f4dbff0ab6c7a5d877c3a

SHA1
ff204f2affe48ca3825c6e6e71fa3df050b3cf8f

SHA256
cf02530d40d9b87e2f12233661cfdd2483ba40c26b7ae477787bd074e36fd37a

SHA512
2e017ab13c574226df2cbcd91c4ef85c4b747a91342904861c22e16d05159eae6da7246a06b507f5e843ae25a3591d18ecae921a0a0a72b1c518855202c682a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\index.txt

Filesize
248B

MD5
b1ce91a480efe04fa97d90378f91a099

SHA1
ab3aea8ae34aa809424363062bde25b9f0fbc72e

SHA256
3a174d8804eaeecfc9340d57c7f48c4dd4e0c0d5e2d4721463d1192d2eb35a36

SHA512
af1483197b961cf55ac96ca42381b20cc9cc0a97c22164b5516751e84cb3a4fb7b7bb6cf1a5cab8bd6fa9f3d04cbd12bc94788fc7b0ec664a5e12a298ef73372

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\index.txt

Filesize
313B

MD5
6fe99dd6f11d315bc9addf3a9b4e19b6

SHA1
059e3fecf739bd98c19a12579f2128087f2a2019

SHA256
0b2750b967ce24fde575f8e83c2f1299e90656ebaebe99f47959edf36741e632

SHA512
402f36e2878c8dcba5329fd887a120312c21c20f2d5614f4bf969c58b4e52b32c8532ddb072e0f9293f1fb377581862ff0ad333577321925e36b5c311769e5ba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\index.txt

Filesize
318B

MD5
eeb6cb6dd7a83dcea07719b7683a7100

SHA1
b48d6e7b3b2ec14e40c213007596a6a045d9c878

SHA256
0fea01b69982f5b45d147ef9c8ae8d9529562bd5b7d628af9f3ccb0f9e6a4f78

SHA512
80ed2525fc79b6870ea8f0506b924164ae4c155276220c32d83914845e02e62d69f6fdc8163181fc2d77f6f7d8683d86ea43e2f12fea7939bb5a1bc52a0cc582

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\ebd1d48456ac10b76eafa6e03ae8fde5deecd34e\index.txt~RFe6308a0.TMP

Filesize
109B

MD5
1739194e100623fca85ed913eb7741b7

SHA1
4e9103858b18c74204b510b138f774c6d105aaad

SHA256
b0e72856891b33d07f175323316b3472cf69b5adebf9a42456ffb75e71efe0b6

SHA512
5fc585acfd01bf6937542567dbd5c3326b87ebfee51713662728572478111908289d4e58fdb58cba8d67a7f182654148f63bfc6db408e28569f06aab19044ae7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d8ed820fb2501fa096888debe3d7043f

SHA1
f6187cb17ac28aa04c332c9ea96767aa942c688b

SHA256
ad44169c41f3e2909abd785af4d6968cf2dafffba0970fe7669be09487c45fa9

SHA512
2d257cbf6a619da0a83397ae1b659f21b947350af5847c1b54b86495dc65d07e8adfd38c25acaa48d8aa4434884a93942e03d84d70ebf35a2692476d13f32b72

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe6688ce.TMP

Filesize
72B

MD5
db6d7fce9b0935533faaea81df94b91c

SHA1
d132e06db7988d488f94622d7e2a09f8c5c28b64

SHA256
4c3a0b2756d62d7b57b8ec6d2b70419117e1b07a38c13d7d2ff625da0bad321a

SHA512
c48f672faf69190ba8bced24decc455f5e5c021dc3a491869627795322ab0c3d12e3d54a810949663cfb78754406e6c761ff0627860224c3eaad6c56fa78bb00

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13333404786862870

Filesize
53KB

MD5
d397d62623af59efc708964b1987b53f

SHA1
6d5f152dbde1024d97891008e0831025781b7eca

SHA256
e217225b02d8e861ad0544f2bdba4faf691c3f4f5ae1ab69e69f284a30650ced

SHA512
9dd90ac429a395891a062edcda0dd8fe54010db71c6437dbafe05c8a46416240ff38b3973fac9c39adbca60d94b641c488e7c6e9b2fbbce97390739b8a2a5906

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

Filesize
100B

MD5
d765fc278ed85d39893261ec4a98c5ad

SHA1
908e933e4d8183753d110eab394c96425dad90ef

SHA256
d3e8cc6b97acc520ddaaba9e9cbbb0125ae4891a537692d28b8de6bfdf626aa9

SHA512
4373eea3039dd338a94e202937e0470dcb3ec3eaa9ae44f7eccf34ac3ba1f4c678b796acf46fe7e3af50844eced90d30291431f3597de3adb2c30c76adbffdcf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
5f9d71bdc5d3323ab8621165df633f56

SHA1
69bc4cf899d558324d266d26dd27d8143dfc22eb

SHA256
aaecd4dec86d1e5f4453635edc2eb49a1511f6c9947f89301ac47b79fb2906b9

SHA512
ed2eed70de0b9291b9a45b795579a0bc58f585bc652845e72a9943181a8a533bb8ccec8c4bffbb7669dc7da5cf245e7d427962f13da6442c913b4d62cfcf7898

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

Filesize
8KB

MD5
c84cb45a7666b22a03304faacade82bf

SHA1
954b4cd13248588d1f2553fa172586f0d9770017

SHA256
898d25fd5b4982b97c5790b9e69e40212ba624973204014a48ae70b598feeb61

SHA512
c104a4688af63bd2895843a9c80d3d34936691fa1eee811bb7f914c243fc069ade2c03761e7f0313221090be3cfaf36b4474e3276331d1986cf0065df6a7b599

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
321B

MD5
fdc4fe88160e65a1195c3c118eac4050

SHA1
50553c796fdaf9fab7bfa295db0a1ca56c079273

SHA256
0f0cef87b408dff15d4e54e59218bf18ad8a108d28630a87ae31a9444c9985c2

SHA512
01501a72bbe243d39e5b4f9e151395fd19d610e795328195772e7a9c3fdfbc63b2c81fd922678a2f1419c1f99c5123920dc364a4e4c0f12c6aeed51668b46ace

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
a8322422471e567ab97c37ba5db99949

SHA1
0250a83e4aade30f16bb1c6211f849047f565263

SHA256
75b4ff972ab8837c14b74b07f91a9a5ff4fab9ccdb548b5027216723445e197c

SHA512
50e4e62689b0db312e5b44ffafccaadc1b5e8d1da77f5aca8cd33f0a4314b6fcf8a5f039cba8cda7c582094e48fe8b539831eb0f1b16b67c240a1c24791df39b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
854fd09def966faad120ffc77081dfa5

SHA1
274063c5013490c44c9fc8e6c724db6016948183

SHA256
207e6041a45722cd6f4a2e7602d97f51998462d1ec5eda276bb8bd2e814c6fac

SHA512
8397f2ffce87b59cbd834b866de1578165ab6a54a73105acb9718258992454e2f1110c485fd17e40db2e5a88c4fc15c57db73945d51aff4b2615bf635382891e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
854fd09def966faad120ffc77081dfa5

SHA1
274063c5013490c44c9fc8e6c724db6016948183

SHA256
207e6041a45722cd6f4a2e7602d97f51998462d1ec5eda276bb8bd2e814c6fac

SHA512
8397f2ffce87b59cbd834b866de1578165ab6a54a73105acb9718258992454e2f1110c485fd17e40db2e5a88c4fc15c57db73945d51aff4b2615bf635382891e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
88KB

MD5
705d49ef9c3472782b703b692c48a966

SHA1
32e04bb1440e3d8b71c3de8a5566891a2effe61d

SHA256
d98333f1c5a0d0bddfb83f0115c3a533ccd4ffe5b25d5f70f7b7ac57080d6fa3

SHA512
ac88838f91adbb45c394d3ad7e252f188bb860773081f5276837f0584f239d15bc3741d3f9ec2334e4342f35edb940eef5fe735a2907719ab6070ff0cb212558

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
101KB

MD5
4e52eda04a5d791ee543965c838cf619

SHA1
3bf6f83a469bafdc25126698ce366a72c0a4d1a5

SHA256
53bcca64eed5ea15960aa6f9b352d97bfd2658fed06068ff36a5a82ce883ef7f

SHA512
56ddfcb84cf65648f3c4b2d9a66272a1d30b9ab6353fcb87d163915c1d66492fae04fa56915bb9cd230fdc8c4dc9e5f40d2bf36752f73564a7a1687cf9be814e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
a4523c2ec2bec1d17c01cee8f11a47bd

SHA1
ca7176c5cf3700c5baead3e40dad50ab69bcbc30

SHA256
e578380606bccb503eae75b2f9ac01e97f13be9a260a59f9af24b119bf8735af

SHA512
fdc181e728bf30ed68ee7510964f8e2c00505891a7c3ebcb7851ce3c635da5cf502978009a93940bd42410f52f4db2264446a5c6f6d1c261614dada697a106cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
105KB

MD5
87b4b5396be28d666bdba6d63956fdbd

SHA1
dbd345c402bd99d78eabdc3885352235596a7f4b

SHA256
0613deca0d540a2c9a2d275059490718cbe541ca0b680afa381047ff300bae5c

SHA512
fd28980e1d5cc4f0941abf6d8c9a3b40d220359c89d61dfdf1131eab61c33415ad8e63caaa0932277740dd90e11fc8e8b4bc681aa347e6f112bdd6ce2e933aaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe62ea4b.TMP

Filesize
98KB

MD5
4bb4934dc715dc888878b1c6c9a7863e

SHA1
277c70050be5bb6684c063be86d6bbcc849eae58

SHA256
2921f0fe57ece6a6add0345372c875ebc0d84442f7bdb6d26b39a0f38154fbff

SHA512
5adf17fc8413fed7c22e4f8405d376a0b5161ce195b1c997d0653ef094c9fbe6fa62b27d193581f57137c4700fbb9f41db930a98bc16e82986d38081bb830fa6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
f732dbed9289177d15e236d0f8f2ddd3

SHA1
53f822af51b014bc3d4b575865d9c3ef0e4debde

SHA256
2741df9ee9e9d9883397078f94480e9bc1d9c76996eec5cfe4e77929337cbe93

SHA512
b64e5021f32e26c752fcba15a139815894309b25644e74ceca46a9aa97070bca3b77ded569a9bfd694193d035ba75b61a8d6262c8e6d5c4d76b452b38f5150a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit